Current:Home > Contact-usRansomware attacks are hitting small businesses. These are experts' top defense tips-InfoLens
Ransomware attacks are hitting small businesses. These are experts' top defense tips
View Date:2024-12-23 16:25:34
WASHINGTON — Over recent years, cybercriminals have targeted governments and small businesses alike in massive digital heists — making hundreds of millions of dollars in 2021 alone in exchange for unlocking victims' systems. As the attacks got more high profile, peaking after Colonial Pipeline's shutdown last spring led to fuel shortages across the East Coast, the need for solutions became more desperate.
In 2021, U.S. government officials, academics, and members of think-tanks and the private sector formed the Ransomware Task Force. Its latest report was published in early August with the help of the Center for Internet Security. The report is designed to give small and medium sized businesses a checklist of step to prepare for, defend against, and recover from ransomware attacks, using data about attacks and what strategies have worked in the past.
The most vulnerable
Although there's been a debate recently about whether the overall rate and cost of ransomware attacks is decreasing — due to global attention, law enforcement action, seizing digital funds, and international pressure on Russia, where many ransomware gangs operate from —it's still a major problem. The Ransomware Blueprint is directed toward small and medium-size businesses because of how frequently they are targeted and their relative lack of resources.
In February 2021, the Cybersecurity and Infrastructure Security Agency (CISA) noted a trend after a spate of high-profile international and law enforcement attention on big ransomware attacks: The criminals had slowed down their "big game" hunting, or targeting of large businesses and critical infrastructure. That left smaller businesses, whose victimhood might draw less attention. According to the Ransomware Taskforce, businesses with fewer than 500 employees were hit by 70 percent of the attacks in 2021. The blueprint is designed "to remove a critical barrier" for small and medium businesses "with limited cybersecurity expertise in defending against ransomware," concluded the authors of the report.
The timeline
According to the blueprint, ransomware defense begins by knowing what's on the network.
That means keeping a registry of all software, hardware, and data on the cloud, exploring how the network functions on an average day and who has access to which components.
It sounds simple, but, according to Valecia Stocchetti, a senior cybersecurity engineer and co-author of the blueprint, criminals are constantly studying.
"Sometimes the criminals are more familiar with what is going on in your network than you are," she said in an interview with NPR.
Once everything is identified, the work of protecting the network begins.
That means training employees and making sure the network is configured securely, which includes installing firewalls and making sure users or software that are later added on can't bypass security procedures.
Each organization should also have a tiered system of access, making sure employees don't have privileged access to parts of the network they don't need for their work.
Organizations need to keep a close eye on research published about security vulnerabilities, and constantly be patching those holes when companies release the fixes. CISA maintains a list of vulnerabilities and ranks them according to how dangerous they are and how easy they are for criminals to exploit, helping organizations prioritize the work to patch them.
Many of the instructions, while tailored toward ransomware, offer good general information.
The report's authors note that attackers can use several strategies to break into systems before launching a ransomware attack, including malicious email attachments or web browsers. Deploying anti-malware software and preventing removeable media from automatically running on the system can make a big difference.
Stocchetti said one of the most helpful pieces of advice is to install multifactor authentication, meaning multiple ways to verify identity beyond just a password.
Sometimes, despite best efforts, criminals still find a way in. That's why it's vital that companies have a plan to respond to an attack, and that they practice it frequently and know who is authorized to do what in an emergency.
"It's things like making sure you make a list of who to contact when you know the fire erupts because not everything is 100 percent bulletproof, as we all know," she said.
That also means that organizations backup their data, encrypt those backups, and make sure the backups aren't connected to the primary network, or the criminals will get access and make all the effort worthless.
The money
One of the biggest quandaries for companies hit by ransomware is whether to pay to unlock their files, action that the FBI discourages but is sometimes difficult to avoid when critical functions are disrupted by the attack.
But there's also a cost to lost business, reconstituting systems, hiring incident response experts, and repairing damages. Cyber insurance policies can be helpful to offset those costs.
However, sometimes companies struggle with understanding or feeling fully protected by those policies. According to a recent study from Blackberry and Corvus Insurance, a high percentage of companies said they would hesitate to get into business with organizations that aren't covered by cyber insurance, recognizing its importance. However, just 14 percent of small and medium-size businesses have policies that cover over $600,000, restrictions that led more than half of respondents to say they hoped for more financial assistance from the government, particularly when attacked by a nation state. Many companies said there's a lack of transparency from some firms about what is actually covered by their policies, which are constantly getting more expensive.
Davis Hake, the co-founder of Resilience Insurance and one of the co-authors of the blueprint, told NPR that a more symbiotic relationship between the insurance industry and small and medium-size businesses could be beneficial.
If insurance companies require their policy holders to implement the action items in the blueprint, or offer to help them put those things in place, he said, it will help increase resilience and, hopefully, limit costly payouts.
"We're very good at pricing the risk and using that data to understand that as an industry," Hake said in an interview. "But what I really think is the industry needs to move from not just pricing the risk, but also learning how do we protect our risks."
veryGood! (499)
Related
- ‘Emilia Pérez’ wouldn’t work without Karla Sofía Gascón. Now, she could make trans history
- News media don’t run elections. Why do they call the winners?
- Honolulu’s dying palms to be replaced with this new tree — for now
- 'Dancing With the Stars' Anna Delvey elimination episode received historic fan votes
- 2025 NFL Draft order: Updated first round picks after Week 10 games
- Yes, Glitter Freckles Are a Thing: Here's Where to Get 'Em for Football or Halloween
- Opinion: WWE can continue covering for Vince McMahon or it can do the right thing
- How elections forecasters became political ‘prophets’
- Summer I Turned Pretty's Gavin Casalegno Marries Girlfriend Cheyanne Casalegno
- Election conspiracy theories fueled a push to hand-count votes, but doing so is risky and slow
Ranking
- Does your dog have arthritis? A lot of them do. But treatment can be tricky
- The sports capital of the world? How sports boosted Las Vegas' growth
- Meryl Streep, Melissa McCarthy shock 'Only Murders' co-stars, ditch stunt doubles for brawl
- The hunt for gasoline is adding to Floridians’ anxiety as Milton nears
- John Krasinski Revealed as People's Sexiest Man Alive 2024
- Who can vote in US elections, and what steps must you take to do so?
- Federal judge in Alabama hears request to block 3rd nitrogen execution
- Honolulu’s dying palms to be replaced with this new tree — for now
Recommendation
-
Former North Carolina labor commissioner becomes hospital group’s CEO
-
Critical locked gate overlooked in investigation of Maui fire evacuation
-
New York Jets retain OC Nathaniel Hackett despite dismissing head coach Robert Saleh
-
These October Prime Day Deals 2024 Have Prices Better Than Black Friday & Are up to 90% Off
-
13 escaped monkeys still on the loose in South Carolina after 30 were recaptured
-
'We're just exhausted': The battered and storm-weary prepare for landfall. Again.
-
'Avoid spreading false information,' FEMA warns, says agency is 'prepared to respond'
-
Keith Urban Reacts to His and Nicole Kidman’s Daughter Sunday Making Runway Debut at Paris Fashion Week